<?php 
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1") && (md5($_POST['pass_lama'])==$row_admin['pass']) && ($_POST['pass_baru']==$_POST['re_pass'])) {
  $updateSQL = sprintf("UPDATE data_user SET pass=%s WHERE nama_user=%s",
                       GetSQLValueString(md5($_POST['pass_baru']), "text"),
                       GetSQLValueString($row_admin['nama_user'], "text"));

  mysql_select_db($database_konek, $konek);
  $Result1 = mysql_query($updateSQL, $konek) or die(mysql_error());

}
?>


<form action="<?php echo $editFormAction; ?>" method="post" name="form1" id="form1">
  <table align="center">
    <tr valign="baseline">
      <td valign="top" nowrap="nowrap"><strong>Password Lama :</strong></td>
      <td valign="baseline"><input type="password" name="pass_lama" value="" size="32" class="form-control" /></td>
    </tr>
    <tr valign="baseline">
      <td valign="top" nowrap="nowrap"><strong>Password Baru :</strong></td>
      <td valign="baseline"><input type="password" name="pass_baru" value="" size="32" class="form-control" /></td>
    </tr>
    <tr valign="baseline">
      <td valign="top" nowrap="nowrap"><strong>Re-enter Password  : </strong></td>
      <td valign="baseline"><input type="password" name="re_pass" value="" size="32" class="form-control" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">&nbsp;</td>
      <td><input type="submit" value="Save" id="status-update-btn" class="btn btn-primary pull-right" />
        </td>
    </tr>
  </table>
  <input type="hidden" name="MM_update" value="form1" />
</form>

